Eric Murray <ericm @ MicroUnity . com> wrote:
> Actually, it occurs that in this second scenario -- a confederate of the
> baddies, perhaps a disaffected employee inside your network -- even
> authentication of outbound connections wouldn't help you: if this
> insider is `trusted' -- allowed to make outbound connections through
> (say) your telnet application gateway -- then she can if so determined
> misuse this channel anyway (eg:
>
> connects out via your telnet application gateway to a port on a <---**
> collaborating remote system, which echoes back commands to be
> executed on your local system; user's local program -- either
> custom written, or `expect' wrapped around an ordinary telnet
> client(?) -- then acts accordingly, and echoes resulting output
> back down the line
... Well how about if the application gateway does not allow internal
users to "telnet to a port", but only allows telnet to the standard
remote telnet port? ...
--
Bill Heiser heiser @ world . std . com